2 // System.Security.CodeAccessPermission.cs
5 // Miguel de Icaza (miguel@ximian.com)
6 // Nick Drochak, ndrochak@gol.com
7 // Sebastien Pouliot <sebastien@ximian.com>
9 // (C) Ximian, Inc. http://www.ximian.com
10 // Copyright (C) 2001 Nick Drochak, All Rights Reserved
11 // Portions (C) 2004 Motus Technologies Inc. (http://www.motus.com)
12 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
14 // Permission is hereby granted, free of charge, to any person obtaining
15 // a copy of this software and associated documentation files (the
16 // "Software"), to deal in the Software without restriction, including
17 // without limitation the rights to use, copy, modify, merge, publish,
18 // distribute, sublicense, and/or sell copies of the Software, and to
19 // permit persons to whom the Software is furnished to do so, subject to
20 // the following conditions:
22 // The above copyright notice and this permission notice shall be
23 // included in all copies or substantial portions of the Software.
25 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
29 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
30 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
31 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
34 using System
.Diagnostics
;
35 using System
.Globalization
;
36 using System
.Reflection
;
37 using System
.Runtime
.CompilerServices
;
38 using System
.Runtime
.InteropServices
;
39 using System
.Security
.Permissions
;
40 using System
.Threading
;
42 namespace System
.Security
{
45 [SecurityPermission (SecurityAction
.InheritanceDemand
, ControlEvidence
= true, ControlPolicy
= true)]
47 [MonoTODO ("CAS support is experimental (and unsupported).")]
48 public abstract class CodeAccessPermission
: IPermission
, ISecurityEncodable
, IStackWalk
{
51 protected CodeAccessPermission ()
56 [Conditional ("MONO_FEATURE_CAS")]
58 [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
62 new PermissionSet (this).Assert ();
65 public abstract IPermission
Copy ();
68 [Conditional ("MONO_FEATURE_CAS")]
72 // note: here we're sure it's a CAS demand
73 if (!SecurityManager
.SecurityEnabled
)
76 // skip frames until we get the caller (of our caller)
77 new PermissionSet (this).CasOnlyDemand (3);
81 [Conditional ("MONO_FEATURE_CAS")]
83 [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
87 new PermissionSet (this).Deny ();
91 public override bool Equals (object obj
)
95 if (obj
.GetType () != this.GetType ())
97 CodeAccessPermission cap
= (obj
as CodeAccessPermission
);
98 return (IsSubsetOf (cap
) && cap
.IsSubsetOf (this));
101 public abstract void FromXml (SecurityElement elem
);
104 public override int GetHashCode ()
106 return base.GetHashCode ();
109 public abstract IPermission
Intersect (IPermission target
);
111 public abstract bool IsSubsetOf (IPermission target
);
113 public override string ToString ()
115 SecurityElement elem
= ToXml ();
116 return elem
.ToString ();
119 public abstract SecurityElement
ToXml ();
121 public virtual IPermission
Union (IPermission other
)
124 throw new System
.NotSupportedException (); // other is not null.
129 [Conditional ("MONO_FEATURE_CAS")]
131 [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
133 public void PermitOnly ()
135 new PermissionSet (this).PermitOnly ();
139 [Conditional ("MONO_FEATURE_CAS")]
141 [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
143 public static void RevertAll ()
145 if (!SecurityManager
.SecurityEnabled
)
147 throw new NotImplementedException ();
151 [Conditional ("MONO_FEATURE_CAS")]
153 [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
155 public static void RevertAssert ()
157 if (!SecurityManager
.SecurityEnabled
)
159 throw new NotImplementedException ();
163 [Conditional ("MONO_FEATURE_CAS")]
165 [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
167 public static void RevertDeny ()
169 if (!SecurityManager
.SecurityEnabled
)
171 throw new NotImplementedException ();
175 [Conditional ("MONO_FEATURE_CAS")]
177 [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
179 public static void RevertPermitOnly ()
181 if (!SecurityManager
.SecurityEnabled
)
183 throw new NotImplementedException ();
186 // Internal helpers methods
188 // snippet moved from FileIOPermission (nickd) to be reused in all derived classes
189 internal SecurityElement
Element (int version
)
191 SecurityElement se
= new SecurityElement ("IPermission");
192 Type type
= this.GetType ();
193 se
.AddAttribute ("class", type
.FullName
+ ", " + type
.Assembly
.ToString ().Replace ('\"', '\''));
194 se
.AddAttribute ("version", version
.ToString ());
198 internal static PermissionState
CheckPermissionState (PermissionState state
, bool allowUnrestricted
)
202 case PermissionState
.None
:
204 case PermissionState
.Unrestricted
:
205 // unrestricted permissions are possible for identiy permissions
208 msg
= String
.Format (Locale
.GetText ("Invalid enum {0}"), state
);
209 throw new ArgumentException (msg
, "state");
214 internal static int CheckSecurityElement (SecurityElement se
, string parameterName
, int minimumVersion
, int maximumVersion
)
217 throw new ArgumentNullException (parameterName
);
219 // Tag is case-sensitive
220 if (se
.Tag
!= "IPermission") {
221 string msg
= String
.Format (Locale
.GetText ("Invalid tag {0}"), se
.Tag
);
222 throw new ArgumentException (msg
, parameterName
);
225 // Note: we do not care about the class attribute at
226 // this stage (in fact we don't even if the class
227 // attribute is present or not). Anyway the object has
228 // already be created, with success, if we're loading it
230 // we assume minimum version if no version number is supplied
231 int version
= minimumVersion
;
232 string v
= se
.Attribute ("version");
235 version
= Int32
.Parse (v
);
237 catch (Exception e
) {
238 string msg
= Locale
.GetText ("Couldn't parse version from '{0}'.");
239 msg
= String
.Format (msg
, v
);
240 throw new ArgumentException (msg
, parameterName
, e
);
244 if ((version
< minimumVersion
) || (version
> maximumVersion
)) {
245 string msg
= Locale
.GetText ("Unknown version '{0}', expected versions between ['{1}','{2}'].");
246 msg
= String
.Format (msg
, version
, minimumVersion
, maximumVersion
);
247 throw new ArgumentException (msg
, parameterName
);
252 // must be called after CheckSecurityElement (i.e. se != null)
253 internal static bool IsUnrestricted (SecurityElement se
)
255 string value = se
.Attribute ("Unrestricted");
258 return (String
.Compare (value, Boolean
.TrueString
, true, CultureInfo
.InvariantCulture
) == 0);
261 internal static void ThrowInvalidPermission (IPermission target
, Type expected
)
263 string msg
= Locale
.GetText ("Invalid permission type '{0}', expected type '{1}'.");
264 msg
= String
.Format (msg
, target
.GetType (), expected
);
265 throw new ArgumentException (msg
, "target");
269 // Workaround for CS0629
270 void IStackWalk
.Assert ()
274 void IStackWalk
.Deny ()
278 void IStackWalk
.PermitOnly ()
282 void IStackWalk
.Demand ()
286 void IPermission
.Demand ()